CVE-2024-6744: Cellopoint Secure Email Gateway Flaw Exposes Organizations to Critical Risk

In a recent advisory issued by the Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC), a severe security flaw has been identified in the Cellopoint Secure Email Gateway (SEG), a renowned solution for pre-delivery email protection. This vulnerability, cataloged as CVE-2024-6744, has been assigned a critical severity score of 9.8 on the CVSS scale, indicating its high potential impact on affected systems.

Image: Cellopoint

The Flaw: A Stack-Based Buffer Overflow

The flaw resides in the SMTP Listener component of Cellopoint SEG, which fails to properly validate user input. This oversight can be exploited through a stack-based buffer overflow attack, enabling unauthenticated attackers to inject malicious code and potentially seize control of the targeted system.

Impact: Far-Reaching Consequences

The implications of this vulnerability are substantial. Successful exploitation could lead to:

• Data Breaches: Attackers could exfiltrate sensitive information, including emails, attachments, and confidential business data.
• System Takeover: Unauthorized access to the email gateway server could be used to disrupt email services, launch further attacks on the network, or deploy ransomware.
• Reputation Damage: Organizations impacted by breaches resulting from this vulnerability could face significant reputational harm and potential legal ramifications.

Affected Products

All versions of Cellopoint Secure Email Gateway prior to version 4.5.0 are vulnerable to this exploit.

Immediate Action Required

Cellopoint has released a patch, identified as Build_20240529, to address the CVE-2024-6744 vulnerability. Organizations using Cellopoint SEG are strongly urged to apply this patch immediately to mitigate the risk of compromise.